–UK’s Ministry of Defence Plans to Recruit Hundreds for Joint Cyber Reserve Unit
Defence Secretary Philip Hammond said that the UK’s Ministry of Defence
(MoD) is aiming to recruit hundreds of IT experts to serve as cyber reservists. Last year, UK cyber defense workers blocked 400,000 sophisticated cyber threats against government systems. The reservists will work along with regular IT specialists in the Joint Cyber Reserve Unit, which will have the task of protecting critical networks and data.
MoD has budgeted GBP 500 million (US $810 million) for the program.
http://news.cnet.com/8301-1009_3-57605262-83/uk-gears-up-for-cyberwarfare-offensives/
http://www.theregister.co.uk/2013/09/30/uk_cyber_reserve_force/
http://www.bbc.co.uk/news/uk-24321717
[Editor’s Note (Henry): More and more governments are applying their personnel capabilities, both active-duty and reserves, against the national security network threat. This will ultimately result in more and better trained resources for the commercial sector. While I see this as an important and necessary application of resources…one of the government’s primary roles is to protect its citizens…I’d like to see these increased resources result in a greater sharing of actionable intelligence with the private sector so they can better protect themselves.]
–Long Overdue Change In Qualifications for NSA/DHS Centers of Academic Excellence
The National Security Agency has raised the standards for acceptance into the Information Assurance Center of Academic Excellence (CAE) program, and all 200 schools who were accepted the old standards will need to requalify. “I definitely see this as long-overdue change,” says Victor Piotrowski, who in his role at the National Science Foundation helps oversee millions of dollars in annual spending on postsecondary cybersecurity education and work-force development. “The step is in the right direction, but the big question is, is it going to be executed effectively? We will see in a couple of years how it works out.” The CAE program is a marketing boon to colleges; but hiring managers in federal agencies report that few of the CAE colleges are producing graduates with the advanced technical skills needed by the nation and envisioned for the program. Graduates without those advanced technical skills face a bleak job market and are questioning the value of the large loans they took out to pay for the soft, survey and policy-oriented courses they were given.
http://chronicle.com/article/Federal-Agencies-Revamp/141953/
–Internet Explorer Flaw Actively Exploited (September 27, 2013) Code that exploits an unpatched vulnerability in Internet Explorer (IE) is becoming widely distributed. The flaw affects all version of IE and has been exploited in targeted attacks on systems in Taiwan since July.
Microsoft has acknowledged the issue, releasing a security advisory and a workaround to help users protect their systems until a patch is available.
http://www.zdnet.com/ie-zero-day-actively-being-exploited-in-the-wild-rapid7-7000021249/
http://blogs.technet.com/b/srd/archive/2013/09/17/cve-2013-3893-fix-it-workaround-available.aspx
[Editor’s Note (Pescatore): These manual workarounds are hugely disruptive and expensive. It is like telling delivery truck drivers to stop every few miles and wrap their tires in duct tape until someone figures out why the tires keep leaking.
(Murray): While the vulnerability is global, attacks have been focused on targets in Japan. Risk-averse readers may want to test the work-around. However, deploying it at this time is likely to be more expensive than tolerating the risk for the window of time until a patch becomes available.]
Deja un comentario